There has been a recent increase in “greeting-card spam” that tries to compromise users by getting them to visit malicious websites. The subject line most often states, “You’ve received a postcard from a family member!” Within the message body, users are given options on how to retrieve their “postcard”. Links in the message direct users to malicious websites where their browsers may be attacked, or they may be prompted to download and execute malicious software. Attacks are directed at both Microsoft Internet Explorer and Mozilla Firefox browsers.

Users should be very cautious when following links in e-mail messages. Links to foreign domains (e.g. http://someaddress.hk in Hong Kong) or directly to IP addresses (e.g. http://123.123.123.123) should almost always be avoided.

Also, it is important to keep operating systems and software up-to-date with the latest security patches, as well as keep antivirus software virus definitions current.

For more information about this attack, please refer to the following article: